Fighting Fraud: Employing big data and analytics to reduce fraud

November/December 2014

By Drew Carter and Stephanie Anderson

Even a cursory Internet search of fraud crimes delivers a multitude of results: the Little League secretary siphoning off a few thousand dollars, the trader known as the London Whale losing more than $6.2 billion for JPMorgan Chase, and hackers gaining access to customer information at major retailers and international banks.

Fraud is a multi-industry problem. Banking and credit are the ones that most frequently come to mind for the average person. However, retail, transportation and manufacturing are also prone to fraud. In fact, it would be difficult to name an industry impervious to it. Take the telecommunications industry, for example. According to the FTC, telecom fraud accounted for 34 percent of its fraud complaints in 2012, up from 20 percent in 2010. Verizon estimates that fraud costs the industry $4 billion a year. In telecommunications, fraud is most frequently focused in three areas:

Defrauding telecommunication companies

Defrauding telecommunication subscribers

Schemes conducted over the telephone

While fraud is prevalent everywhere, its identification is not simple. There are two types of fraud schemes: “known” and “unknown.” Known fraud schemes are easier to identify. They are the scenarios where fraud has been identified in the past. Rules engines can be established in computer systems to look for specific patterns of behavior. For instance, one can look for transactions of a certain amount – say, more than $1,000 – between employees inside a company. However, similar to ever-evolving e-mail spam, the fraudsters are always devising new methods that can remain undetected for some period.

Unknown fraud schemes, especially new ones, may continue for years without detection until they are uncovered in an investigation or a company’s deep dive into costs and profitability variances during an economic downturn. These are the sinister schemes one can’t even imagine are happening because no one knows to look for them. Once they are uncovered and observed, their patterns can be “built into” rules-engines within a few days or weeks.

Change from Reactive to Proactive

Fraud prevention efforts are primarily spurred by reactive investigations and penalties. Few companies truly engage in proactive fraud monitoring. The majority of thought leadership in proactive monitoring has emerged from the financial services space. With millions of dollars (or more) at risk at the click of a mouse button, financial services companies have a clear incentive to actively monitor for fraud. One area that industry is monitoring is “bust-out” fraud, or first-party fraud in which the thief applies for a line of credit (credit card, etc.), behaves well, increases the credit line and then disappears, leaving a large balance delinquent. This type of scheme is estimated to cost more than $1.5 billion a year in losses, according to Credit Risk International.

A recent bust-out fraud cost Southern California banks at least $15 million. That scheme involved 15 people, is alleged to have started in February 2010 and ran until October 2013. According to the FBI, it included:

“Processors” who fabricated or hired others to make fictitious checks for the purpose of conducting bust-outs;

“Brokers” who solicited people with legitimate bank accounts; these would lend their accounts to be busted out in exchange for a fee; and

“Runners” or “washers” who allegedly deposited fictitious checks into, then withdraw funds from, the account to be busted out.

A few years ago a criminal group of more than 700 people cost U.S. banks over $80 million in losses. The most common scheme involved fraudulent loan applications that misstated how long the applicant had been employed and grossly exaggerated yearly salaries. Via online applications, the culprits received credit cards with sizeable credit limits.

Often, these people also received cash advances on the card. Shortly after the cash advances, they sent the issuing bank a check, frequently for slightly more than the outstanding balance. Although the check was returned for insufficient funds, the fraudulent payment caused the bank to temporarily increase credit lines. By the time the fraud was discovered, the bank was out tens of thousands of dollars per fraud incident.

Despite the large potential losses, however, even the most sophisticated operators are losing ground to fraud.

What’s Needed to Succeed?

Reactive fraud prevention will always be a handicapped method to prevent losses (and, often, embarrassing public events). Proactive fraud monitoring using advanced analytics, including big data, is required to adapt to the growing threat of fraud.

What exactly is big data? We define it by the “4 Vs”:

Volume. Originally described as the size of data versus processing capability, volume today is typically measured simply by size of the data alone. This year, “big” volume might be 25 terabytes (TB); by next year, 250 TB. For comparison, it’s estimated that a jet engine in a Boeing plane generates 20 TB of data for every hour of operation; on one Atlantic crossing, a four-engine jet can create 640 TB of data.

Velocity. This is the frequency of generation and capture of batch, near-time and real-time streams of data. A world of real-time promotional offers (where offers are generated at the moment of interaction) requires lightning-fast processing and feedback loops so that things like promotional campaigns can match geolocations, click streams, sentiments and purchase histories. For instance, online-ad technology can operate at 50 to 450 milliseconds (ms) and high-frequency stock-trading platforms operate at less than 60 ms for transatlantic round-trip transactions.

Variety. Data no longer fits into neat structures that happily reside in a traditional “database.” The proliferation in the variety of data sources (radio-frequency identification, sensors, social networking, mobile devices, etc.) and types (geospatial, etc.) – coupled with traditional sources (documents, click-stream sets, etc.) – conspire to generate a veritable fur ball. Add unstructured data to the mix, and things get even more complicated.

Virality. This is the speed at which data gets spread from person to person, whether by voice, image or machine. Social networks and the data they generate have created a new dimension of measurement: “going viral.” The monetization of data assets is about understanding factors old and new, and how they work together – not necessarily about capturing, storing or reporting on every piece of information passing near the orbit of a company. It’s about knowing what matters, discarding the rest, and focusing on the “important bits.”

Organizing around the data

Companies often address their big data challenges and opportunities by directing a talented IT person to “own” the program at hand. This tactic typically fails. To develop a true data-insights approach to business, an organization must treat data as an asset. And that means the whole company must be structured to access, interpret and act based on insights drawn from the data, focusing on:

External data (often from a combination of free and paid sources) that provides insight into fraudsters’ behaviors (such as applications for multiple lines of credit) – often a signal of coming malfeasance.

Agreeing that the business “drives this data”

Big data projects must be driven by the company’s core business in a way that makes it user-friendly, not by taking a “build-it-and-they-will-come and figure it out” approach. The business begins by determining the key-performance areas that are crucial to manage or monitor. That, in turn, determines the kinds of data required and the kinds of analysis needed to find the insights lurking in the data. For anti-fraud efforts, the business can guide data needs by identifying:

Already-known fraud scenarios – this will provide an initial data set to begin monitoring. It will also provide a basis for monitoring algorithms.

Building up sensitivities to unknown scenarios – while, of course, unknown risks are by definition unknown, companies can identify areas where the effect of fraud would be especially negative, such as an increase in product prices paid by certain customers, which may indicate procurement kickbacks or provide funding for covering up other undesirable behaviors, such as bribing government officials to obtain government contracts, permits and licensing or to overlook illegal or non-compliant activities.

Data analytics can help in monitoring these scenarios once desired business processes are defined and reporting dashboards are developed.

Sophisticated Analytics

Analytics, in this environment, does not mean just a spreadsheet. It means such things as advanced methods of pattern identification, to be designed and operated by experienced analytics and fraud professionals. Pattern recognition is a science of its own, but it is hardly new. For instance, the Fibonacci sequence was made famous by Italian mathematician Leonardo Bonacci, aka “Fibonacci,” in his 1202 book, “Liber Abaci.”

Advanced practitioners today are using pattern recognition methods to establish relationships in fields as diverse as baseball and healthcare. Analytics have even reached the level of sophistication to create original works of art. Dave Cope, a musician and computer scientist, has developed a program called “Emily Howell” that can create original works of music seen by many critics as being on par with that of the world’s greatest musicians.

When tackled by experienced professionals, these efforts should deliver:

Accurate insights – the “confusion matrix” is a standard tool to measure accuracy. It is used to identify type 1 (I said you were a safe transaction, but you were actually fraudulent) and type 2 (I said you were fraudulent, but you were actually a safe transaction) errors. The best monitoring provides a balance of missing only a few bad scenarios, but not calling too many scenarios into question.

Conclusion

With ever-increasing fraud instances and always more complex fraud scenarios, proactive monitoring for bad actors and bad scenarios is emerging as required capabilities for companies around the world. No company can afford the direct (monetary) and indirect (customer perception) losses associated with fraud incidents. It can take many years for companies to recover from these situations, and companies that are not taking the proper precautions face increasingly stiffer penalties. Although proactive solutions are available, and include the use of big data and analytics, they are not simple and require expert guidance.

Drew Carter (dcarter@alixpartners.com) is an applied analytics expert and Stephanie Anderson (sanderson@alixpartners.com) is an expert in fraud compliance and forensic accounting. They are managing directors of AlixPartners, LLP, (www.alixpartners.com), a global business advisory firm and an industry leader of proactive monitoring for compliance and fraud.

Related Posts

If the world seemed dangerous from a financial crime perspective last year, FICO experts predict an even more challenging 2017. In a new paper, four of the leaders in the company’s fraud and financial crime group laid out 17 predictions, ranging from killer devices in the home to hacked fingerprints.

Headlines

In the nearly 60 years between the 1939 release of Hollywood’s first full-length animated movie, “Snow White and the Seven Dwarfs” and modern hits like “Toy Story,” “Shrek” and more, advances in animation technology have revolutionized not only animation techniques, but moviemaking as a whole. However, a new study in the INFORMS journal Organization Science found that employing the latest technology doesn’t always ensure creative success for a film. Read more →

INFORMS selected a diverse group of six finalists for the 47th annual Franz Edelman Award for Achievements in Operations Research and Management Science, the world’s most prestigious award for achievement in the practice of analytics and O.R. The 2018 finalists, who will present their work before a panel of judges at the INFORMS Conference on Analytics & Operations Research in Baltimore on April 15-17, included innovative applications in broadcasting, healthcare, communication, inventory management, vehicle fleet management and alternative energy. Read more →

On Feb. 4, more than 40 percent of U.S. households will watch the 2018 Super Bowl game on TV. Advertisers will pay up to $4 million for a 30-second spot during the telecast. Is the high cost of advertising worth it? A new study finds that the benefits from Super Bowl ads persist well into the year with increased sales during other sporting events. Further, the research finds that the gains in sales are much more substantial when the advertiser is the sole advertiser from its market category or niche in a particular event. Read more →